HackDig : Dig high-quality web security articles for hacker

MBR-ONI is a new ransomware that is being used for targeted attacks in Japan; experts speculate it was used to cover larger hacking campaigns.
MBR-ONI is a new ransomware that is being used for targeted attacks in Japan. It is a bootkit ransomware that uses a modified version of the legitimate open-source disk encryption utility DiskCryptor to encrypt the fi

The RedBoot ransomware encrypts files on the infected computer, replaces the Master Boot Record and then modifies the partition table.
Malware Blocker researcher discovered a new bootlocker ransomware, dubbed RedBoot, that encrypts files on the infected computer, replaces the Master Boot Record (MBR) of the system drive and then modifies the partition table.

The Ukrainian central bank warned state-owned and private lenders of the appearance of a new NotPetya-like attack that would target national businesses.
On Friday, the Ukrainian central bank warned of a new malware-based attack risk. According to Reuters, the Ukrainian central bank warned state-owned and private lenders of the spreading of new infections

Malware researchers discovered an anti-Israel & pro-Palestinian data wiper dubbed IsraBye that is spreading as a ransomware.
Malware researcher Jakub Kroustek from Avast has recently discovered an anti-Israel & pro-Palestinian data wiper dubbed IsraBye. Even if the lock screen claims that the files can be recovered, their content is replaced with an

Recently, there have been discussions around the topic that if our product is installed, ExPetr malware won’t write the special malicious code which encrypts the MFT to MBR. Some have even speculated that some kind of conspiracy might be ongoing. Others have pointed out it’s plain and simple nonsense. As usual, Vesselin Bontchev, a legend in IT s

Much has been written about the recent ExPetr/NotPetya/Nyetya/Petya outbreak – you can read our findings here: "Schroedinger’s Pet(ya)" and "ExPetr is a wiper, not ransomware".
As in the case of Wannacry, attribution is very difficult and finding links with previously known malware is challenging. In the case of Wannacry, Google’s Neel Mehta was

According to the researchers, the Petya variant (NotPetya) used in the massive attack is a wiper disguised as ransomware.
In recent hours, the massive global attack based on a Petya variant has made headlines; computers in many countries were infected, including Russia, Ukraine, France, India and the US.
A new analysis conducted on the ransomware reveals the t

After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disk, even if a payment was made.
This supports the theory that this malware campaign was not designed as a ransomware attack for financial gain. Instead, it appears it was designed as a wiper prete

Kaspersky Lab is currently tracking more than a hundred threat actors and sophisticated malicious operations targeting commercial and government organizations in over 80 countries. During the first quarter of 2017, there were 33 private reports released to subscribers of our Intelligence Services, with Indicators of Compromise (IOC) data and YARA rules to as

Security researchers at Palo Alto Networks have determined that the Shamoon 2 malware uses a rudimentary technique for network distribution.
Security researchers at Palo Alto Networks continue to analyze the dreaded Shamoon 2 malware and the recent waves of attacks; they have now determined that the threat uses a rudimentary technique for network distributio

The experts spotted a new sophisticated strain of malware dubbed StoneDrill that is linked to Shamoon 2 and Charming Kitten.
Researchers at Kaspersky Lab have discovered further information about the dreaded Shamoon 2 malware. The experts spotted a new sophisticated strain of malware dubbed StoneDrill that is linked to Shamoon 2 and Charming Kitten (aka News

Beginning in November 2016, Kaspersky Lab observed a new wave of wiper attacks directed at multiple targets in the Middle East. The malware used in the new attacks was a variant of the infamous Shamoon worm that targeted Saudi Aramco and Rasgas back in 2012.
Dormant for four years, one of the most mysterious wipers in history has

The analysis conducted by Arbor Networks on the Shamoon 2 malware has shed light on the control infrastructure and the infection process.
Security researchers from Arbor Networks’ Security Engineering and Response Team (ASERT) have conducted a new analysis of the Shamoon 2 malware, discovering further details on the tools and techniques used by the threat act

Security researchers at Symantec believed that Shamoon 2 attacks leveraged credentials stolen by hackers of the Greenbug group.
A few days ago, security experts at Palo Alto Networks spotted a new strain of the Shamoon 2 malware that was targeting virtualization products.
In December malware researchers from Palo Alto Networks and Symantec discovered a n